Frequent headlines about malicious online attacks have underscored the need for innovative cybersecurity solutions.
A new system developed by researchers at the University of Waterloo provides an efficient method of decentralized, online security in a way that is easy for the average person to use. Bitforest converts more easily remembered names, such as usernames and domain names, to values like public keys needed for securely communicating with computer services and devices.
There are two main uses that this system offers: policy enforcement and identity retention. The first feature allows for better policy enforcement by placing greater controls into who can input information into the naming system. The second feature, identity retention, is there to prevent identity theft and relies on blockchain technology.
“This could have important implications as the world moves towards more interconnected devices such as autonomous vehicles, smart watches and smart homes as we continue to expand the Internet of Things (IoT),” said Raouf Boutaba, co-author of the study and a professor in Waterloo’s David R. Cheriton School of Computer Science, in the Faculty of Mathematics. “IoT devices are going to be everywhere, and they control very sensitive parts of our personal and professional lives with 75 billion such devices projected to be deployed by 2025. The security of these devices is going to be extremely important.”
Bitforest, which relies on public blockchains like Bitcoin for security and a central server to enforce policy, achieves decentralized trust and security as strong as existing blockchain-based naming systems. It also retains most of the flexibility and performance of centralized Public Key Infrastructure, allowing validating thin clients to look up and verify name bindings with comparable efficiency to traditional systems.